Anyone Can Push Updates to the DOGE.gov Website \ stacker news ~Politics_And

pull down to refresh

Anyone Can Push Updates to the DOGE.gov Website www.404media.co/anyone-can-push-updates-to-the-doge-gov-website-2/

808 sats \ 6 comments \ @StillStackinAfterAllTheseYears 14 Feb Politics_And_Law

(Was honestly split between posting this to here or ~Security, but this won my mental coin flip given the nature of any DOGE discussion.)

My cybersecurity skills are low to midlevel, but I'm pretty sure this is bad cybersecurity. I'm really surprised we haven't seen hacktivists posting manifestos on the site.

view all related items

242 sats \ 1 reply \ @ek 14 Feb

without login wall: https://archive.is/pvmpd

0 sats \ 0 replies \ @StillStackinAfterAllTheseYears OP 14 Feb

Crap -- for some reason, 404 loads for me even in incognito, so I never think to use an archive.is link with them.

21 sats \ 3 replies \ @WeAreAllSatoshi 14 Feb

The article seems overly harsh on using CloudFlare Pages and GitHub. This doesn’t feel like a platform issue, but rather an implementation issue. I don’t think the site needs to live on government servers or AWS, but it needs to be secured

100 sats \ 2 replies \ @StillStackinAfterAllTheseYears OP 14 Feb

I think it's less about using CF and GH than using really common and popular tools and not understanding what you're doing with them.

100 sats \ 1 reply \ @WeAreAllSatoshi 14 Feb

I totally agree. Seems like they just did a bad job

0 sats \ 0 replies \ @optimism 14 Feb

No problem!!! Just blitzkrieg the FedRAMP PMO next and delete any standards that do not comply with public-writable CFD1.